Moving from Checkbox Compliance to True Data Security

Moving from Checkbox Compliance to True Data Security

Organizations are shifting their focus to a core set of principles around protecting their credentials and data, but they struggle with a starting point. In this 6-part ‘Checkbox Compliance to True Data Security’ blog series, we will provide a foundational blueprint. The series will cover an overview of Data Access Governance (DAG) and introduce the 5 phases that will help shape a true data security program. In an interview with Dark Reading, Brian Christensen, head of global audit for Protiviti…

Read More Read More

Announcing StealthDEFEND 1.1

Announcing StealthDEFEND 1.1

Point releases are not usually a big deal. And while we could have quietly released the latest version of our real-time threat analytics and alerting component of the STEALTHbits’ Data Access Governance suite, the team worked hard to incorporate the feedback we received and make significant strides. The cyber security industry skills gap continues to increase; some, myself included believe that skills are not the only shortage we face. Many security challenges are becoming too complex to solve via traditional…

Read More Read More

Auditing and Reporting for Box Like Never Before

Auditing and Reporting for Box Like Never Before

Something I say in customer meetings a lot is that unstructured data isn’t glamourous. In a world where people are talking about machine learning, IoT, the latest vulnerabilities and exploits, and other cutting edge stuff, files and folders doesn’t get a lot of air time. If you’re reading this blog, though, you know these uncool bits of data are potentially dangerous and need attention. That leads to an interesting effect in meetings. Often prospects and customers will ask us what…

Read More Read More

2017 Cybersecurity Recap & 2018 Predictions

2017 Cybersecurity Recap & 2018 Predictions

As we begin to wrap up 2017 and reflect back on the year, we looked at what the industry has accomplished and in some cases where we have fallen short. In the early part of this year many industry thought leaders were stating that 2017 would again be the year of ransomware. They were all very correct in their statements, but this year has shown us much more, it has shown us the increasing need for cybersecurity insurance, data access…

Read More Read More

STEALTHbits ProTip: StealthAUDIT’s Sensitive Data Discovery for Compliance

STEALTHbits ProTip: StealthAUDIT’s Sensitive Data Discovery for Compliance

With compliance standards driving more and more organizations to directly tag their data, StealthAUDIT’s Sensitive Data Discovery allows you to easily locate and understand the data that was important enough to tag in the first place. The configuration for sensitive data discovery is located within the Criteria Editor.  To get there navigate the Job Tree to the 1-SEEK System Scans job located in Jobs > FileSystem > 0.Collection.  Open the Query Properties as shown below: From here, select SDD Audit Criteria…

Read More Read More

Learn How to Defeat Advanced Attacks against Active Directory at Microsoft Ignite 2017

Learn How to Defeat Advanced Attacks against Active Directory at Microsoft Ignite 2017

There’s a lot of news coverage on threats like ransomware, malware, and phishing that are all about punching holes in organizations to grab quick spoils. But what isn’t getting a lot of coverage is the careful, patient planning attackers do once inside your Microsoft Active Directory (AD) environment. They fly under the radar scoping out your domain and amassing privileges so they can spread out, dig in, and access a smorgasbord of sensitive data. These meticulously executed—and ultimately more dangerous…

Read More Read More

STEALTHbits Introduces Automated Machine Learning to Data Access Governance at NetApp Insight

STEALTHbits Introduces Automated Machine Learning to Data Access Governance at NetApp Insight

STEALTHbits CTO, Jonathan Sander, recently returned from a road trip across the U.S. where he met with several customers. One of them remarked that finding sensitive data across his organization was like trying to find Waldo in the children’s book series, Where’s Waldo. The customer went on to say, ‘Even if we find it, we don’t have a foolproof way of keeping our sensitive information safe.’ He’s not the only one facing this dilemma. Organizations that have successfully implemented a…

Read More Read More

File System Attacks

File System Attacks

Credentials Are the Means to Attack Data If you’ve been reading the attack blog series until now, you’ve seen we have focused on attacks against Active Directory – like attacking core AD infrastructure, leveraging AD service accounts to attack, attacking AD with misconfigured permissions, and our series on Mimikatz attacks. Of course, AD is the hub for so much access to data in any organization that it may feel like those attacks actually compromise everything else. Today we’re kicking off…

Read More Read More

Prevent Data Theft with File Activity Monitoring

Prevent Data Theft with File Activity Monitoring

Preventing Data Theft with File Activity Monitoring If you ask most folks who pay attention to cybersecurity what the recent big-name breaches and headline-grabbing malware have in common, you would get many answers. Some would say they were next-generation ransomware like NotPetya or WannaCry. Others would say that the HBO and Sony breaches started with a phishing email and ballooned from there. Even more would say that next-generation firewalls should have helped but didn’t. While these are all true, they…

Read More Read More

Start a Free StealthAUDIT® Trial!

No risk. No obligation.